Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-3294
PUBLISHED
More InfoOfficial Page
Assigner-TPLink
Assigner Org ID-f23511db-6c3e-4e32-a477-6aa17d310630
View Known Exploited Vulnerability (KEV) details
Published At-22 May, 2026 | 20:48
Updated At-22 May, 2026 | 20:48
Rejected At-
▼CVE Numbering Authority (CNA)
Authentication Logic Vulnerability on Multiple TP-Link Range Extenders

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full administrative control of the affected device, potentially impacting on confidentiality, integrity, and availability.

Affected Products
Vendor
TP-Link Systems Inc.
Product
Archer RE650 v1
Default Status
unaffected
Versions
Affected
  • From 0 before V1_20260429 (custom)
Vendor
TP-Link Systems Inc.
Product
Archer RE305 v1
Default Status
unaffected
Versions
Affected
  • From 0 before V1_20260515 (custom)
Vendor
TP Link Systems Inc.
Product
Archer RE360 v1
Default Status
unaffected
Versions
Affected
  • From 0 before V1_20260515 (custom)
Vendor
TP-Link Systems Inc.
Product
TL-WA860RE v4
Default Status
unaffected
Versions
Affected
  • From 0 before V4_20260515 (custom)
Vendor
TP-Link Systems Inc.
Product
RE580D v1
Default Status
unaffected
Versions
Affected
  • From 0 before V1_20260515 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
4.08.7HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-115CAPEC-115 Authentication Bypass
CAPEC ID: CAPEC-115
Description: CAPEC-115 Authentication Bypass
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Job Jobse
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.tp-link.com/en/support/download/re650/v1/#Firmware
patch
https://www.tp-link.com/us/support/download/re650/v1/#Firmware
patch
https://www.tp-link.com/us/support/download/re305/v1/#Firmware
patch
https://www.tp-link.com/en/support/download/re305/v1/#Firmware
patch
https://www.tp-link.com/us/support/download/re360/v1/#Firmware
patch
https://www.tp-link.com/en/support/download/re360/v1/#Firmware
patch
https://www.tp-link.com/us/support/download/tl-wa860re/v4/#Firmware
patch
https://www.tp-link.com/en/support/download/tl-wa860re/v4/#Firmware
patch
https://www.tp-link.com/en/support/download/re580d/#Firmware
patch
https://www.tp-link.com/us/support/download/re580d/#Firmware
patch
https://www.tp-link.com/us/support/faq/5101/
vendor-advisory
Hyperlink: https://www.tp-link.com/en/support/download/re650/v1/#Firmware
Resource:
patch
Hyperlink: https://www.tp-link.com/us/support/download/re650/v1/#Firmware
Resource:
patch
Hyperlink: https://www.tp-link.com/us/support/download/re305/v1/#Firmware
Resource:
patch
Hyperlink: https://www.tp-link.com/en/support/download/re305/v1/#Firmware
Resource:
patch
Hyperlink: https://www.tp-link.com/us/support/download/re360/v1/#Firmware
Resource:
patch
Hyperlink: https://www.tp-link.com/en/support/download/re360/v1/#Firmware
Resource:
patch
Hyperlink: https://www.tp-link.com/us/support/download/tl-wa860re/v4/#Firmware
Resource:
patch
Hyperlink: https://www.tp-link.com/en/support/download/tl-wa860re/v4/#Firmware
Resource:
patch
Hyperlink: https://www.tp-link.com/en/support/download/re580d/#Firmware
Resource:
patch
Hyperlink: https://www.tp-link.com/us/support/download/re580d/#Firmware
Resource:
patch
Hyperlink: https://www.tp-link.com/us/support/faq/5101/
Resource:
vendor-advisory
Details not found